Display.pdb
Static task
static1
1 signatures
General
-
Target
x64__x32__installer___.zip
-
Size
32.6MB
-
MD5
a6f753a50fa6b3d7564ef9b87c94a570
-
SHA1
9bb5ad62017968a4dc57180db6411aefe39bcf37
-
SHA256
58865f7870684c22f146bf9e74549c308b5fb0a90e629d7773bac8ab4682fade
-
SHA512
ae50a12a1db0f1c7548df4f006f411a36ab547b29c9a9c4e5e2c57abdc31dc6b41405e84bcba263ad006f56caba4a19ee36bf10f8e74cb4e91c632413caf4571
-
SSDEEP
786432:LZfiKuw7rJmfRZYu9pHel0oXaowsC17TGrFgQ3pe3MEYd/UZNeIc:LFA/HmjwnKruQZecZMa5
Score
3/10
Malware Config
Signatures
-
Unsigned PE 16 IoCs
Checks for missing Authenticode signature.
resource unpack001/container/Display.dll unpack001/container/container.dll unpack001/container/daxexec.dll unpack001/container/dmocx.dll unpack001/els/els.dll unpack001/els/energy.dll unpack001/els/es.dll unpack001/els/psisdecd.dll unpack001/neth/NetSetupShim.dll unpack001/neth/PeerDistSh.dll unpack001/neth/neth.dll unpack001/neth/sdohlp.dll unpack001/sud/StorSvc.dll unpack001/sud/security.dll unpack001/sud/sppnp.dll unpack001/sud/sud.dll
Files
-
x64__x32__installer___.zip.zip
-
container/Display.dll.dll windows:10 windows x64 arch:x64
c864bd970b52b07ca184b7253e4fd3e9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
memcpy
__CxxFrameHandler3
_onexit
__dllonexit
_unlock
_vsnwprintf
__C_specific_handler
_initterm
malloc
free
_amsg_exit
_XcptFilter
atoi
_wcsnicmp
memcmp
_wcsicmp
memcpy_s
_lock
memset
shell32
ord169
ord167
ord194
ord74
ord59
shlwapi
SHDeleteKeyW
ord388
SHGetValueW
SHStrDupW
ord219
StrStrIW
StrRChrW
StrCmpIW
SHSetValueW
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadStringW
LoadLibraryExW
DisableThreadLibraryCalls
api-ms-win-core-synch-l1-1-0
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreExW
CreateMutexExW
WaitForSingleObjectEx
OpenSemaphoreW
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
DebugBreak
OutputDebugStringW
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteValueW
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
GlobalAlloc
api-ms-win-core-com-l1-1-0
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
CoCreateInstance
api-ms-win-core-string-l1-1-0
CompareStringOrdinal
api-ms-win-core-synch-l1-2-0
InitOnceComplete
Sleep
InitOnceBeginInitialize
api-ms-win-devices-config-l1-1-1
CM_Get_Device_ID_Size
CM_Locate_DevNodeW
CM_Get_Child
CM_Get_Device_IDW
CM_Get_Sibling
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
ntdll
EtwEventRegister
EtwEventSetInformation
EtwEventUnregister
EtwEventWriteTransfer
kernel32
lstrlenW
DeactivateActCtx
ReleaseActCtx
CreateActCtxW
lstrcmpiW
ActivateActCtx
user32
SetProcessDPIAware
SendMessageW
SetRectEmpty
RegisterClipboardFormatW
QueryDisplayConfig
DisplayConfigGetDeviceInfo
EnumDisplaySettingsExW
EqualRect
AlignRects
SetDisplayConfig
CopyRect
SetCursorPos
ChangeDisplaySettingsExW
GetDisplayConfigBufferSizes
ord2507
ChangeDisplaySettingsW
GetCursorPos
GetAutoRotationState
DisplayConfigSetDeviceInfo
EnumDisplaySettingsW
OffsetRect
GetSystemMetrics
SystemParametersInfoW
EnumDisplayDevicesW
SetRect
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DisplaySaveSettingsEx
DllCanUnloadNow
DllGetClassObject
ShowAdapterSettings
Sections
.text Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 416B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
container/container.dll.dll windows:10 windows x64 arch:x64
6a5352d96ca8f01a406da8b89b3d2ac2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
container.pdb
Imports
msvcp_win
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?uncaught_exception@std@@YA_NXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
api-ms-win-crt-string-l1-1-0
memset
wcsncmp
wcscmp
api-ms-win-crt-runtime-l1-1-0
_initterm
_initterm_e
api-ms-win-crt-private-l1-1-0
_o___stdio_common_vsnprintf_s
_o___stdio_common_vswprintf
_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
__std_terminate
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o___std_exception_destroy
memmove
_o__wcsicmp
_o_abort
_o_free
_o_malloc
_o_terminate
_o_towlower
_o_towupper
_o_wcscpy_s
_o_wcstol
_o_wcstoull
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
__CxxFrameHandler4
_o___std_exception_copy
_o___std_type_info_destroy_list
memcmp
memcpy
ntdll
NtQueryInformationJobObject
NtAssignProcessToJobObject
NtClose
RtlQueryRegistryValuesEx
RtlInitUnicodeString
NtFsControlFile
NtOpenSymbolicLinkObject
NtCreateDirectoryObjectEx
NtQuerySymbolicLinkObject
NtSetInformationSymbolicLink
NtOpenDirectoryObject
NtCreateSymbolicLinkObject
NtQueryKey
NtDeleteKey
NtEnumerateKey
NtOpenKey
NtCreateKey
RtlConnectToSm
NtSetInformationJobObject
RtlAllocateHeap
RtlDosPathNameToRelativeNtPathName_U_WithStatus
RtlReleaseRelativeName
NtQueryEaFile
RtlFreeHeap
NtWaitForSingleObject
NtCreateFile
NtSetValueKey
TpReleaseJobNotification
TpAllocJobNotification
TpWaitForJobNotification
RtlStringFromGUIDEx
NtQuerySecurityObject
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlSendMsgToSm
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
api-ms-win-core-synch-l1-2-0
InitOnceComplete
InitOnceBeginInitialize
api-ms-win-core-synch-l1-1-0
CreateSemaphoreExW
ReleaseSRWLockExclusive
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseSemaphore
EnterCriticalSection
AcquireSRWLockExclusive
LeaveCriticalSection
InitializeCriticalSectionEx
WaitForSingleObject
ReleaseSRWLockShared
AcquireSRWLockShared
DeleteCriticalSection
ReleaseMutex
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-errorhandling-l1-1-0
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventUnregister
EventActivityIdControl
EventRegister
EventWriteTransfer
api-ms-win-core-file-l1-1-0
FindClose
GetFileSize
ReadFile
CreateFileW
FindFirstFileExW
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
InitializeProcThreadAttributeList
GetCurrentProcessId
GetCurrentProcess
CreateProcessAsUserW
OpenProcessToken
UpdateProcThreadAttribute
GetCurrentThreadId
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
OutputDebugStringW
IsDebuggerPresent
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-security-base-l1-1-0
DuplicateTokenEx
SetTokenInformation
api-ms-win-core-threadpool-l1-2-0
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegGetValueW
api-ms-win-core-sysinfo-l1-1-0
GetWindowsDirectoryW
GetSystemTimeAsFileTime
iphlpapi
InitializeCompartmentEntry
DeleteCompartment
GetJobCompartmentId
CreateCompartment
SetJobCompartmentId
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
?AddRuntimeVirtualKeysToContainer@container@@YAXPEAXKPEAU_WC_VKEY_INFO@@@Z
?CleanupContainer@container@@YAXPEAXPEBG@Z
?CreateContainer@container@@YAXPEAXAEBUContainer@DefinitionFile@1@_N0@Z
?GetComRegistryRoot@container@@YAPEAXPEAX@Z
?GetContainerIdentifierString@container@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PEAX@Z
?GetContainerObjectRootPath@container@@YAXPEAXAEAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?GetRegistryRootPath@container@@YAXPEAXAEBV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AEAV23@@Z
?IsContainerQuiescent@container@@YAEPEAX@Z
?LaunchApplicationContainer@container@@YAPEAXPEAXPEBGK@Z
?LaunchContainer@container@@YAXPEAX@Z
?RegisterForContainerTerminationNotification@container@@YAPEAU_WC_CONTAINER_NOTIFICATION@@PEAXP6AX0W4_WC_CONTAINER_TERMINATION_REASON@@PEAU2@0@Z0@Z
?ReleaseContainerTerminationNotification@container@@YAXPEAU_WC_CONTAINER_NOTIFICATION@@@Z
?SetRegistryFlushState@container@@YAXPEAXE@Z
?ShutdownAppContainer@container@@YA_NPEAX@Z
?WaitForContainerTerminationNotification@container@@YAXPEAU_WC_CONTAINER_NOTIFICATION@@@Z
WcAddRuntimeVirtualKeysToContainer
WcCleanupContainer
WcCreateContainer
WcCreateDescriptionFromXml
WcDestroyDescription
WcGetComRegistryRoot
WcGetContainerIdentifier
WcGetContainerObjectRootPath
WcGetContainerRegistryRootPath
WcIsContainerQuiescent
WcLaunchApplicationContainer
WcLaunchContainer
WcRegisterForContainerTerminationNotification
WcReleaseContainerTerminationNotification
WcSetRegistryFlushState
WcShutdownAppContainer
WcWaitForContainerTerminationNotification
Sections
.text Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
container/daxexec.dll.dll windows:10 windows x64 arch:x64
5041e351eed7fd789520bd199556516e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
daxexec.pdb
Imports
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__ui64tow_s
_o__wcsicmp
_o__wcsnicmp
_o__wtoi
_o_calloc
memmove
_o_free
_o_malloc
_o_terminate
_o_toupper
_o_wcscat_s
_o_wcsncat_s
_o_wcsncpy_s
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__invalid_parameter_noinfo_noreturn
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__invalid_parameter_noinfo
_o__aligned_malloc
_o__initialize_onexit_table
_o__aligned_free
wcschr
__std_type_info_compare
_o___stdio_common_vswprintf
_o__initialize_narrow_environment
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
memcmp
memcpy
api-ms-win-crt-string-l1-1-0
wcsnlen
memset
wcsncmp
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
GetModuleFileNameW
GetModuleHandleExW
GetModuleFileNameA
DisableThreadLibraryCalls
GetProcAddress
api-ms-win-core-synch-l1-1-0
CreateEventW
WaitForSingleObject
InitializeCriticalSectionEx
ResetEvent
WaitForSingleObjectEx
OpenSemaphoreW
InitializeSRWLock
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ReleaseSRWLockShared
ReleaseMutex
EnterCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockShared
CreateMutexExW
CreateSemaphoreExW
CreateEventExW
SetEvent
AcquireSRWLockExclusive
LeaveCriticalSection
ReleaseSemaphore
api-ms-win-core-heap-l1-1-0
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
api-ms-win-core-errorhandling-l1-1-0
RaiseException
SetLastError
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-0
GetCurrentThread
GetProcessId
TlsFree
GetCurrentProcessId
OpenProcessToken
TerminateProcess
GetCurrentProcess
OpenThreadToken
TlsSetValue
CreateProcessAsUserW
TlsAlloc
OpenThread
TlsGetValue
SuspendThread
SetThreadToken
ProcessIdToSessionId
GetCurrentThreadId
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
rpcrt4
CStdStubBuffer_QueryInterface
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
NdrStubForwardingFunction
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_Invoke
NdrOleAllocate
NdrCStdStubBuffer2_Release
NdrStubCall3
Ndr64AsyncClientCall
RpcBindingFree
RpcAsyncCancelCall
RpcStringFreeW
RpcBindingSetAuthInfoExW
RpcAsyncCompleteCall
I_RpcExceptionFilter
RpcStringBindingComposeW
RpcBindingFromStringBindingW
IUnknown_AddRef_Proxy
RpcAsyncInitializeHandle
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
IUnknown_Release_Proxy
api-ms-win-eventing-provider-l1-1-0
EventActivityIdControl
EventUnregister
EventProviderEnabled
EventWriteTransfer
EventRegister
EventSetInformation
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
api-ms-win-core-synch-l1-2-0
InitOnceComplete
InitOnceBeginInitialize
Sleep
InitOnceExecuteOnce
api-ms-win-core-com-midlproxystub-l1-1-0
NdrProxyForwardingFunction4
CStdStubBuffer2_Disconnect
NdrProxyForwardingFunction5
ObjectStublessClient3
NdrProxyForwardingFunction3
CStdStubBuffer2_Connect
CStdStubBuffer2_QueryInterface
ObjectStublessClient6
CStdStubBuffer2_CountRefs
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
OpenProcess
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemInfo
GetSystemDirectoryW
GetTickCount
GetSystemTimeAsFileTime
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-string-l1-1-0
CompareStringOrdinal
api-ms-win-core-registry-l1-1-0
RegDeleteTreeW
RegGetValueW
RegCreateKeyExW
RegCloseKey
RegQueryInfoKeyW
RegOpenCurrentUser
RegSetValueExW
RegOpenKeyExW
ntdll
RtlUpcaseUnicodeChar
RtlValidSid
NtOpenKeyTransactedEx
NtRenameKey
NtCreateKey
NtSetInformationKey
NtQueryInformationFile
NtDuplicateObject
NtQueryAttributesFile
RtlFindNextForwardRunClear
RtlNumberOfSetBits
RtlInitializeSRWLock
NtDeleteValueKey
NtQueryDirectoryFileEx
NtSetSecurityObject
NtNotifyChangeKey
NtDeleteFile
NtFlushKey
NtCreateKeyTransacted
NtSetInformationFile
NtNotifyChangeMultipleKeys
NtOpenKeyEx
NtOpenKey
NtEnumerateValueKey
NtEnumerateKey
RtlCompareUnicodeString
RtlNtStatusToDosErrorNoTeb
NtDeleteKey
NtQueryMultipleValueKey
NtQueryKey
NtSetInformationJobObject
NtTerminateJobObject
NtMakeTemporaryObject
NtQueryDirectoryFile
NtCreateJobObject
NtCreateMutant
NtOpenMutant
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlDosPathNameToNtPathName_U_WithStatus
RtlCopySid
EtwEventUnregister
EtwEventWrite
NtSetValueKey
EtwEventRegister
NtOpenJobObject
NtQuerySecurityAttributesToken
NtOpenFile
RtlFindAceByType
RtlEqualSid
RtlGetLastNtStatus
NtQueryInformationProcess
RtlLengthSid
RtlFreeHeap
RtlAllocateHeap
NtWaitForMultipleObjects
PssNtFreeSnapshot
PssNtCaptureSnapshot
NtOpenProcess
NtAlpcSendWaitReceivePort
NtAlpcConnectPort
RtlAllocateAndInitializeSid
NtQuerySystemInformation
NtClose
NtWaitForSingleObject
NtOpenEvent
EtwEventWriteNoRegistration
ZwUpdateWnfStateData
ZwQueryWnfStateNameInformation
NtOpenKeyTransacted
NtQueryValueKey
RtlDeriveCapabilitySidsFromName
wcsstr
NtCreateFile
RtlInitUnicodeString
NtQueryFullAttributesFile
RtlExpandEnvironmentStrings
NtQueryObject
RtlQueryEnvironmentVariable
RtlQueryResourcePolicy
RtlRunOnceComplete
RtlWow64IsWowGuestMachineSupported
RtlNtStatusToDosError
RtlFreeSid
RtlAdjustPrivilege
NtTerminateProcess
RtlCreateServiceSid
NtDuplicateToken
NtQueryInformationToken
RtlRunOnceExecuteOnce
RtlRunOnceBeginInitialize
NtQuerySecurityObject
RtlSleepConditionVariableSRW
RtlWakeAllConditionVariable
RtlAcquireSRWLockExclusive
RtlReleaseSRWLockExclusive
api-ms-win-security-base-private-l1-1-1
CreateAppContainerToken
api-ms-win-core-file-l1-1-0
GetVolumePathNameW
CreateFileW
GetFileSizeEx
SetFileInformationByHandle
WriteFile
ReadFile
FlushFileBuffers
SetFileAttributesW
CreateDirectoryW
FindClose
GetVolumeInformationW
FindFirstFileW
GetFileInformationByHandle
GetFileAttributesW
DeleteFileW
RemoveDirectoryW
GetFinalPathNameByHandleW
GetLongPathNameW
FindNextFileW
FindFirstFileExW
api-ms-win-core-threadpool-l1-2-0
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
fltlib
FilterInstanceCreate
FilterInstanceClose
FilterConnectCommunicationPort
FilterAttach
FilterLoad
FilterSendMessage
profapi
ord102
ord101
api-ms-win-core-path-l1-1-0
PathCchSkipRoot
PathAllocCombine
PathAllocCanonicalize
PathIsUNCEx
PathCchRemoveBackslash
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-security-sddl-l1-1-0
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
ConvertSecurityDescriptorToStringSecurityDescriptorW
api-ms-win-core-registry-l2-1-0
RegOpenKeyW
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
RoActivateInstance
api-ms-win-shcore-taskpool-l1-1-0
SHTaskPoolQueueTask
SHTaskPoolGetUniqueContext
api-ms-win-core-console-l1-1-0
SetConsoleCtrlHandler
api-ms-win-core-console-l1-2-0
AttachConsole
FreeConsole
api-ms-win-core-console-l2-1-0
GenerateConsoleCtrlEvent
api-ms-win-security-capability-l1-1-0
CapabilityCheck
api-ms-win-core-shlwapi-legacy-l1-1-0
PathIsRelativeW
PathUnExpandEnvStringsW
api-ms-win-core-wow64-l1-1-0
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
api-ms-win-core-job-l2-1-0
AssignProcessToJobObject
api-ms-win-core-shlwapi-obsolete-l1-1-0
StrIsIntlEqualW
api-ms-win-core-psapi-l1-1-0
QueryFullProcessImageNameW
api-ms-win-core-windowserrorreporting-l1-1-0
GetApplicationRestartSettings
api-ms-win-core-memory-l1-1-0
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
api-ms-win-core-psm-key-l1-1-0
PsmGetApplicationNameFromKey
PsmGetPackageFullNameFromKey
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
GetCurrentDirectoryW
GetCurrentDirectoryA
api-ms-win-core-io-l1-1-0
DeviceIoControl
container
?CreateContainer@container@@YAXPEAXAEBUContainer@DefinitionFile@1@_N0@Z
WcRegisterForContainerTerminationNotification
WcCleanupContainer
WcIsContainerQuiescent
WcGetContainerIdentifier
WcReleaseContainerTerminationNotification
?GetContainerIdentifierString@container@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PEAX@Z
WcGetComRegistryRoot
api-ms-win-appmodel-identity-l1-2-0
AppContainerDeriveSidFromMoniker
api-ms-win-appmodel-state-l1-2-0
GetStateFolder
GetSecureSystemAppDataFolder
GetSystemAppDataFolder
GetPublisherRootFolder
OpenStateExplicit
CloseState
api-ms-win-shell-shellfolders-l1-1-0
SHGetKnownFolderPath
msvcp_win
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Winerror_map@std@@YAHH@Z
?_Winerror_message@std@@YAKKPEADK@Z
_Make_dir
_File_size
_Remove_dir
_Unlink
_Stat
_Lstat
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Open_dir
_Read_dir
_Close_dir
?_Xbad_function_call@std@@YAXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
?_Xout_of_range@std@@YAXPEBD@Z
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
_Xtime_get_ticks
_Query_perf_frequency
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
_Query_perf_counter
_Thrd_yield
_Thrd_sleep
?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-file-l2-1-0
GetFileInformationByHandleEx
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
appxdeploymentclient
ord68
api-ms-win-crt-math-l1-1-0
ceilf
Exports
Exports
AddLookaside
AddProcessToHeliumContainer
CheckAppXPackageBreakaway
CheckApplicationInCurrentPackage
CloseAppExecutionAlias
CloseJitvSilo
CompleteAppExecutionAliasProcessCreation
CreateAppExecutionAlias
CreateDesktopAppXActivationInfo
CreateDesktopAppXLocalCacheStructure
CreateDesktopAppXTombstoneFile
CreateJitvSilo
CurrentThreadIsInVirtualizationContext
DetokenizeDesktopAppXOfflineRegistry
DisableDesktopAppXDebuggingForPackage
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DoesPackageHaveElevationCapability
DoesPackageHaveUIAccessCapability
DoesPluginSupportCentennial
EnableDesktopAppXDebuggingForPackage
EnsureDesktopAppXPackageShutdown
EnterPackageVirtualizationContext
FreeAppExecutionAliasInfo
FreeAppExecutionAliasInfoWithLicenseRundown
FreeDesktopAppXActivationInfo
FreeDesktopAppXLaunchContext
GetAppExecutionAliasApplicationUserModelId
GetAppExecutionAliasExecutable
GetAppExecutionAliasPackageFamilyName
GetAppExecutionAliasPackageFullName
GetApplicationExecutableRelativePath
GetDesktopAppXComRootHandle
LeavePackageVirtualizationContext
LoadAppExecutionAliasInfo
MigrateWritablePackageRootData
OpenAppExecutionAlias
OpenAppExecutionAliasForUser
PerformAppxLicenseRundown
PersistAppExecutionAliasToFile
PostCreateProcessDesktopAppXActivation
PrepareDesktopAppXActivation
RegisterDesktopAppXPackageFamily
RegisterDesktopAppXPackageFamilyIfNecessary
RemoveDesktopAppXMetadataForFolder
RemoveLookaside
SetDesktopAppXMetadataForFolder
SetDesktopAppXMetadataForPackage
TryActivateDesktopAppXApplication
VerifyFileIsTrustedAndInPackage
Sections
.text Size: 485KB - Virtual size: 484KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGE Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.detourc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 984B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
container/dmocx.dll.dll regsvr32 windows:10 windows x64 arch:x64
6020c9f354c981442f997752d2d0a233
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dmocx.pdb
Imports
mfc42u
ord4082
ord3534
ord3046
ord3166
ord3052
ord3366
ord3231
ord4815
ord3362
ord3243
ord3049
ord6053
ord5711
ord5730
ord5065
ord4368
ord5724
ord5722
ord3468
ord2412
ord5615
ord1388
ord4191
ord6071
ord2515
ord2559
ord4836
ord6813
ord6440
ord4365
ord1778
ord5663
ord5586
ord4694
ord5712
ord4017
ord5229
ord4789
ord2670
ord2060
ord6814
ord3933
ord5484
ord1736
ord5683
ord2457
ord2140
ord5699
ord493
ord971
ord6886
ord1875
ord4276
ord2754
ord2757
ord2756
ord4573
ord2488
ord2712
ord1473
ord1510
ord1527
ord455
ord949
ord4209
ord2550
ord2546
ord5353
ord4609
ord4853
ord4808
ord5106
ord5473
ord2393
ord4752
ord6175
ord4985
ord4372
ord3165
ord3053
ord4816
ord3363
ord3244
ord3050
ord6807
ord2398
ord3020
ord4895
ord3537
ord2491
ord4077
ord5399
ord4761
ord5416
ord4962
ord4754
ord5110
ord5113
ord5111
ord4697
ord4702
ord4713
ord4941
ord5475
ord4997
ord4998
ord5011
ord5157
ord4695
ord5004
ord5017
ord5434
ord5056
ord5010
ord5031
ord5032
ord5033
ord5307
ord5308
ord5024
ord5339
ord5334
ord5329
ord5395
ord4951
ord4874
ord4904
ord5302
ord5012
ord5143
ord5025
ord5026
ord5978
ord3069
ord2917
ord5074
ord5072
ord5572
ord4121
ord3019
ord5629
ord1964
ord2159
ord6380
ord5322
ord5248
ord2181
ord6011
ord5000
ord5054
ord4683
ord1345
ord5946
ord1701
ord2450
ord3692
ord3850
ord3484
ord3384
ord5868
ord4822
ord6800
ord3447
ord6799
ord1427
ord1426
ord1082
ord288
ord812
ord1544
ord1586
ord1555
ord1583
ord1585
ord355
ord1477
ord1553
ord1416
ord1491
ord1577
ord4083
ord3164
ord4371
ord4983
ord4770
ord3837
ord1530
ord6787
ord2408
ord1463
ord1517
ord1574
ord286
ord287
ord2751
ord4213
ord1063
ord659
ord5385
ord6887
msvcrt
_XcptFilter
__dllonexit
_amsg_exit
free
malloc
_initterm
__C_specific_handler
_lock
__CxxFrameHandler3
_unlock
_onexit
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
kernel32
DeactivateActCtx
ReleaseActCtx
CreateActCtxW
LocalAlloc
LocalFree
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ActivateActCtx
user32
ClientToScreen
GetKeyState
GetMessagePos
InvalidateRect
ScreenToClient
SendMessageW
SetProcessDPIAware
EnableWindow
oleaut32
LoadRegTypeLi
oleacc
CreateStdAccessibleProxyW
LresultFromObject
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 588B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
els/els.dll.dll regsvr32 windows:10 windows x64 arch:x64
a26a8976f1eb6d8517d153ff05635a24
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
els.pdb
Imports
msvcrt
swprintf_s
wcschr
_wcsupr
wcsncpy_s
_wcsicmp
_vsnwprintf
__C_specific_handler
wcscpy_s
_wcsnicmp
free
malloc
__CxxFrameHandler3
_snwprintf_s
wcscat_s
qsort
_wcslwr
wcsspn
_vsnwprintf_s
towlower
wcsncmp
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
_XcptFilter
_amsg_exit
_initterm
_lock
_unlock
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
memcmp
wcstoul
wcspbrk
wcsstr
_itow
??_V@YAXPEAX@Z
_purecall
??3@YAXPEAX@Z
_callnewh
wcsrchr
_ultow
memset
ntdll
RtlSecondsSince1970ToTime
RtlLengthSid
RtlTimeToSecondsSince1970
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
advapi32
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegConnectRegistryW
RegCreateKeyExW
IsValidSid
ReadEventLogW
OpenEventLogW
OpenBackupEventLogW
RegSetValueExW
GetNumberOfEventLogRecords
CloseEventLog
ClearEventLogW
BackupEventLogW
ConvertStringSidToSidW
GetLengthSid
LookupAccountSidW
RegCloseKey
RegOpenKeyExW
RegGetValueW
RegQueryValueExW
GetOldestEventLogRecord
EqualSid
kernel32
GetCommandLineW
LocalFileTimeToFileTime
GetSystemDirectoryW
CloseHandle
CreateThread
GetLocalTime
GetWindowsDirectoryW
WideCharToMultiByte
HeapFree
GetProcessHeap
HeapAlloc
GetTimeZoneInformation
DisableThreadLibraryCalls
LeaveCriticalSection
DeleteFileW
DeleteCriticalSection
GetCurrentThreadId
GetComputerNameW
LoadLibraryExW
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetFileAttributesExW
WriteFile
GetFileSize
GetDateFormatW
GetTimeFormatW
FileTimeToLocalFileTime
GetDriveTypeW
FileTimeToSystemTime
EnterCriticalSection
SystemTimeToFileTime
CreateFileW
QueryPerformanceCounter
GetLastError
lstrcmpiW
lstrlenW
LocalFree
lstrcmpW
ExpandEnvironmentStringsW
FormatMessageW
FreeLibrary
SetLastError
DeactivateActCtx
LoadLibraryW
GetProcAddress
ActivateActCtx
FindActCtxSectionStringW
CreateActCtxW
GetModuleFileNameW
GetModuleHandleExW
QueryActCtxW
OutputDebugStringA
GlobalFree
GetSystemWindowsDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LocalAlloc
GetTickCount
InitializeCriticalSection
user32
GetDlgItemInt
EnumThreadWindows
GetClassNameW
IsWindowEnabled
WinHelpW
DefWindowProcW
CreateWindowExW
LoadIconW
LoadBitmapW
LoadImageW
SetForegroundWindow
RegisterClipboardFormatW
SendMessageW
GetDlgItem
SetWindowPos
GetParent
FindWindowExW
SetWindowLongPtrW
GetWindowTextW
SetWindowTextW
GetDlgItemTextW
LoadCursorW
SetCursor
DestroyIcon
GetSysColor
CheckRadioButton
GetWindowRect
GetDC
ReleaseDC
GetSystemMetrics
EnableWindow
PostMessageW
OpenClipboard
EmptyClipboard
IsDlgButtonChecked
SetClipboardData
CloseClipboard
ShowWindow
SetDlgItemTextW
GetFocus
SetFocus
RegisterClassW
DialogBoxParamW
CreateDialogParamW
GetWindowLongPtrW
DestroyWindow
GetClientRect
EndDialog
CharLowerBuffW
GetWindow
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
CheckDlgButton
PostQuitMessage
GetWindowTextLengthW
SetDlgItemInt
MessageBoxW
LoadStringW
gdi32
GetObjectW
GetTextMetricsW
SetMapMode
GetMapMode
DeleteObject
CreateFontIndirectW
ole32
ObjectStublessClient5
CoCreateInstance
ReleaseStgMedium
CoUninitialize
CoInitialize
IIDFromString
CoGetInterfaceAndReleaseStream
CreateStreamOnHGlobal
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
ObjectStublessClient7
ObjectStublessClient6
ObjectStublessClient4
ObjectStublessClient3
rpcrt4
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
IUnknown_QueryInterface_Proxy
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
netutils
NetpwNameValidate
NetpwNameCanonicalize
NetApiBufferFree
dsrole
DsRoleGetPrimaryDomainInformation
DsRoleFreeMemory
logoncli
DsGetDcNameW
srvcli
NetShareGetInfo
wkscli
NetWkstaGetInfo
shlwapi
wnsprintfW
PathCombineW
PathRemoveBlanksW
shell32
CommandLineToArgvW
ShellExecuteW
ntdsapi
DsFreeSchemaGuidMapW
DsMapSchemaGuidsW
DsFreeNameResultW
DsCrackNamesW
DsBindW
DsUnBindW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
activeds
ord9
ord20
ord15
mpr
WNetGetUniversalNameW
wintrust
WTGetSignatureInfo
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 154KB - Virtual size: 154KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
els/energy.dll.dll windows:10 windows x64 arch:x64
5a6c1bb2d4cdfc861b6d3485be83e4ca
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
energy.pdb
Imports
msvcrt
__dllonexit
_unlock
_lock
__C_specific_handler
_errno
_initterm
_amsg_exit
wcsnlen
floor
??1type_info@@UEAA@XZ
setlocale
__crtLCMapStringW
memmove
_XcptFilter
__uncaught_exception
__pctype_func
memcmp
_CxxThrowException
__CxxFrameHandler3
wcstoul
_wcsicmp
___lc_handle_func
___lc_codepage_func
swprintf_s
iswprint
malloc
??0exception@@QEAA@AEBQEBDH@Z
_wcsnicmp
_vsnwprintf
calloc
memcpy
_onexit
___mb_cur_max_func
_wcsdup
_ismbblead
memset
abort
sprintf_s
free
?terminate@@YAXXZ
localeconv
__doserrno
_wfopen_s
fclose
fwprintf_s
toupper
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_purecall
strcspn
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
_wsetlocale
wcscmp
api-ms-win-core-processtopology-obsolete-l1-1-0
GetActiveProcessorCount
api-ms-win-ole32-ie-l1-1-0
CoInitialize
api-ms-win-core-kernel32-legacy-l1-1-0
GetSystemPowerStatus
ntdll
RtlLookupFunctionEntry
RtlCaptureContext
RtlCopySid
RtlVirtualUnwind
NtQueryWnfStateData
NtPowerInformation
RtlAdjustPrivilege
RtlNtStatusToDosError
RtlGetPersistedStateLocation
RtlLengthSid
api-ms-win-eventing-provider-l1-1-0
EventRegister
EventProviderEnabled
EventWriteTransfer
EventSetInformation
EventWrite
EventUnregister
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-synch-l1-1-0
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
CreateEventW
WaitForSingleObject
DeleteCriticalSection
api-ms-win-core-file-l1-1-0
FileTimeToLocalFileTime
FindClose
FindNextFileW
CompareFileTime
FindFirstFileW
CreateFileW
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree
api-ms-win-core-registry-l1-1-0
RegCreateKeyExW
RegGetValueW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
api-ms-win-core-sysinfo-l1-1-0
GetSystemTime
GetTickCount
GetVersionExW
GetComputerNameExW
GetSystemTimeAsFileTime
rpcrt4
UuidCreate
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
GetProcAddress
LoadStringW
DisableThreadLibraryCalls
LoadLibraryExW
FreeLibrary
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapCreate
HeapFree
HeapDestroy
GetProcessHeap
api-ms-win-eventing-consumer-l1-1-0
ProcessTrace
CloseTrace
OpenTraceW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
api-ms-win-core-path-l1-1-0
PathCchRemoveBackslash
PathCchAppend
api-ms-win-power-setting-l1-1-0
PowerGetActiveScheme
api-ms-win-security-lsalookup-l2-1-0
LookupAccountSidW
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
api-ms-win-eventing-controller-l1-1-0
ControlTraceW
EnableTraceEx2
TraceSetInformation
StartTraceW
api-ms-win-core-synch-l1-2-0
SleepConditionVariableSRW
Sleep
WakeAllConditionVariable
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-eventing-tdh-l1-1-0
TdhUnloadManifest
TdhGetProperty
TdhGetEventInformation
TdhGetPropertySize
powrprof
PowerReadACValueIndex
PowerReadDCValueIndex
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
oleaut32
SysAllocString
VariantClear
GetErrorInfo
SysFreeString
Exports
Exports
EnergyWizard_Analyze
EnergyWizard_CancelTrace
EnergyWizard_CollectTrace
EnergyWizard_CreateEnergyWizard
EnergyWizard_DefaultTraceDuration
EnergyWizard_DestroyEnergyWizard
EnergyWizard_GetLogEntryCounts
EnergyWizard_SaveReport
EnergyWizard_SqmAnalysis
EnergyWizard_TransformReport
SaveBatteryReport
SaveSleepStudyReport
SaveSystemSleepDiagnosticsReport
SendScreenOnTelemetry
TransformBatteryReport
TransformSleepStudyReport
TransformSystemSleepDiagnosticsReport
Sections
.text Size: 449KB - Virtual size: 449KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
els/es.dll.dll windows:10 windows x64 arch:x64
d90a7e6a66887fded147eb69c9d91983
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
ES.pdb
Imports
msvcrt
_purecall
_itow_s
_wcsicmp
free
malloc
wcsstr
wcsrchr
towupper
wcsncmp
_XcptFilter
_amsg_exit
_initterm
_lock
_unlock
__dllonexit
_vsnwprintf
_onexit
sqrt
memset
memcpy
memcmp
exp
_local_unwind
__C_specific_handler
_resetstkoflw
iswdigit
iswalpha
iswalnum
_wcsnicmp
_beginthreadex
_vsnprintf
__CxxFrameHandler3
_waccess
wcscpy_s
_ultow
?terminate@@YAXXZ
wcscmp
ntdll
RtlAllocateHeap
RtlDelete
RtlSplay
RtlDllShutdownInProgress
RtlDeleteCriticalSection
RtlInitializeCriticalSectionAndSpinCount
RtlImageNtHeader
RtlFreeHeap
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtQueryEvent
RtlNtStatusToDosError
RtlInitUnicodeString
NtOpenEvent
RtlApplicationVerifierStop
RtlCreateServiceSid
api-ms-win-core-string-l1-1-0
CompareStringW
api-ms-win-core-synch-l1-1-0
WaitForSingleObjectEx
InitializeCriticalSection
CreateSemaphoreExW
CreateEventW
DeleteCriticalSection
SetEvent
ReleaseSemaphore
ResetEvent
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
api-ms-win-core-processthreads-l1-1-0
SetThreadToken
OpenThreadToken
OpenProcessToken
GetCurrentThreadId
CreateProcessW
SetThreadStackGuarantee
GetCurrentThread
CreateThread
SetThreadPriority
GetExitCodeProcess
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
api-ms-win-core-sysinfo-l1-1-0
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount64
GetLocalTime
GetTickCount
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
RaiseException
api-ms-win-core-localization-l1-2-0
FormatMessageW
GetUserDefaultLCID
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-core-heap-l2-1-0
GlobalAlloc
GlobalFree
LocalFree
LocalAlloc
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
FreeLibraryAndExitThread
GetModuleHandleExW
DisableThreadLibraryCalls
LockResource
GetModuleHandleW
LoadLibraryExW
GetModuleFileNameW
LoadStringW
LoadResource
FindResourceExW
FreeLibrary
api-ms-win-core-file-l1-1-0
DeleteFileW
GetFileAttributesW
SetFileAttributesW
FindNextFileW
FindFirstFileW
CreateDirectoryW
FindClose
api-ms-win-core-registry-l1-1-0
RegEnumKeyExW
RegDeleteTreeW
RegLoadKeyW
RegCreateKeyExW
RegEnumValueW
RegQueryValueExW
RegCloseKey
RegGetValueW
RegNotifyChangeKeyValue
RegDeleteValueW
RegUnLoadKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
Sleep
api-ms-win-security-base-l1-1-0
AdjustTokenPrivileges
GetTokenInformation
GetSecurityDescriptorDacl
GetLengthSid
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
EqualSid
rpcrt4
I_RpcOpenClientProcess
I_RpcBindingInqTransportType
NdrCStdStubBuffer2_Release
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
NdrStubForwardingFunction
CStdStubBuffer_Connect
IUnknown_AddRef_Proxy
CStdStubBuffer_IsIIDSupported
NdrStubCall3
IUnknown_QueryInterface_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_Disconnect
CStdStubBuffer_AddRef
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
CStdStubBuffer_CountRefs
I_RpcBindingInqLocalClientPID
api-ms-win-core-threadpool-l1-2-0
CloseThreadpoolWait
CreateThreadpoolWait
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
SearchPathW
api-ms-win-core-com-midlproxystub-l1-1-0
ObjectStublessClient9
ObjectStublessClient8
ObjectStublessClient6
NdrProxyForwardingFunction5
NdrProxyForwardingFunction4
ObjectStublessClient10
ObjectStublessClient16
ObjectStublessClient19
CStdStubBuffer2_QueryInterface
ObjectStublessClient21
ObjectStublessClient5
ObjectStublessClient13
ObjectStublessClient7
CStdStubBuffer2_Disconnect
NdrProxyForwardingFunction6
ObjectStublessClient23
ObjectStublessClient15
ObjectStublessClient20
ObjectStublessClient17
ObjectStublessClient18
ObjectStublessClient27
ObjectStublessClient3
ObjectStublessClient22
NdrProxyForwardingFunction3
CStdStubBuffer2_Connect
CStdStubBuffer2_CountRefs
ObjectStublessClient11
ObjectStublessClient14
ObjectStublessClient12
ObjectStublessClient24
ObjectStublessClient4
ObjectStublessClient25
NdrProxyForwardingFunction8
NdrProxyForwardingFunction10
NdrProxyForwardingFunction9
NdrProxyForwardingFunction12
NdrProxyForwardingFunction7
ObjectStublessClient28
ObjectStublessClient26
NdrProxyForwardingFunction11
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
QueryPerformanceCounter
api-ms-win-core-threadpool-legacy-l1-1-0
CreateTimerQueueTimer
DeleteTimerQueueTimer
UnregisterWaitEx
ChangeTimerQueueTimer
api-ms-win-core-kernel32-legacy-l1-1-0
GetComputerNameW
api-ms-win-core-debug-l1-1-0
OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW
DebugBreak
api-ms-win-core-io-l1-1-0
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
api-ms-win-core-version-l1-1-0
VerQueryValueW
api-ms-win-core-memory-l1-1-0
VirtualProtect
VirtualAlloc
VirtualQuery
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-heap-obsolete-l1-1-0
GlobalUnlock
GlobalLock
api-ms-win-core-threadpool-private-l1-1-0
RegisterWaitForSingleObjectEx
Exports
Exports
DllCanUnloadNow
DllGetClassObject
LCEControlServer
NotifyLogoffUser
NotifyLogonUser
ServiceMain
SvchostPushServiceGlobals
Sections
.text Size: 238KB - Virtual size: 238KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1024B - Virtual size: 736B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
els/psisdecd.dll.dll regsvr32 windows:10 windows x64 arch:x64
b044249165197572d7896d48a9ea9a8b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
psisdecd.pdb
Imports
msvcrt
??0exception@@QEAA@XZ
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBV0@@Z
memcpy
memcmp
_vsnwprintf
_vsnprintf
ldiv
swprintf_s
wcscpy_s
wcscat_s
_callnewh
_CxxThrowException
_XcptFilter
_amsg_exit
_initterm
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_lock
_unlock
__dllonexit
_onexit
memset
wcsstr
wcschr
_stricmp
gmtime
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
tolower
isupper
mktime
memcpy_s
wcstol
malloc
free
_purecall
realloc
__C_specific_handler
memmove_s
__CxxFrameHandler3
wcscmp
winmm
timeGetTime
kernel32
GetSystemTime
HeapFree
HeapAlloc
GetProcessHeap
WriteFile
GetTempPathW
CreateFileW
GetLocalTime
ExpandEnvironmentStringsW
LoadLibraryW
MoveFileExW
GetLocaleInfoEx
Sleep
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
VirtualProtect
EnterCriticalSection
VirtualAlloc
LeaveCriticalSection
InitializeCriticalSection
GetTickCount64
GetSystemInfo
DeleteCriticalSection
VirtualQuery
CreateMutexW
WaitForSingleObject
LocalAlloc
ReleaseMutex
GetLastError
LockResource
CloseHandle
LoadResource
FindResourceW
LocalFree
SystemTimeToFileTime
GetModuleHandleW
GetTickCount
WaitForMultipleObjects
CreateEventW
SetEvent
CreateThread
ResetEvent
SizeofResource
lstrcpynW
GetModuleFileNameW
MultiByteToWideChar
DisableThreadLibraryCalls
FindResourceExW
HeapDestroy
GetProcAddress
FreeLibrary
lstrcpyW
lstrcmpiW
LoadLibraryExW
lstrlenA
WideCharToMultiByte
advapi32
RegQueryValueExW
RegCloseKey
RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
user32
PostThreadMessageW
RegisterWindowMessageW
CharNextW
CharPrevW
PeekMessageW
ole32
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc
oleaut32
SysAllocStringLen
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
SysStringLen
VariantChangeType
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SysFreeString
SafeArrayDestroy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayCreate
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 389KB - Virtual size: 389KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 65KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
neth/NetSetupShim.dll.dll windows:10 windows x64 arch:x64
6a5b336f3a912d656f244e1f5572188e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
NetSetupShim.pdb
Imports
msvcp_win
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
api-ms-win-crt-string-l1-1-0
memset
wcsnlen
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__recalloc
_o__register_onexit_function
_o__resetstkoflw
_o__seh_filter_dll
_o__wcsicmp
_o__wcsnicmp
memmove
_o_free
_o_malloc
_o_toupper
_o_towupper
_o_wcscpy_s
__CxxFrameHandler3
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___stdio_common_vfwprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
wcsrchr
wcsstr
wcschr
__std_terminate
__C_specific_handler
__CxxFrameHandler4
memcpy
memcmp
ntdll
NtDeleteKey
RtlGetVersion
RtlFormatCurrentUserKeyPath
RtlFreeUnicodeString
NtClose
NtOpenKey
NtCreateKey
NtQueryValueKey
NtSetValueKey
NtDeleteValueKey
RtlUnicodeToMultiByteSize
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeSize
RtlMultiByteToUnicodeN
NtQuerySystemInformation
RtlNtStatusToDosErrorNoTeb
NtQueryInformationFile
NtSetInformationFile
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlInitUnicodeString
RtlCaptureStackBackTrace
EtwTraceMessage
EtwUnregisterTraceGuids
EtwGetTraceEnableFlags
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwRegisterTraceGuidsW
RtlReportException
RtlNtStatusToDosError
api-ms-win-core-libraryloader-l1-1-0
LoadLibraryExA
LoadLibraryExW
GetModuleHandleExW
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleFileNameA
GetProcAddress
api-ms-win-core-synch-l1-1-0
InitializeCriticalSectionAndSpinCount
ResetEvent
CreateEventW
ReleaseSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CreateSemaphoreExW
EnterCriticalSection
ReleaseSemaphore
SetEvent
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
DeleteCriticalSection
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
SleepEx
ReleaseMutex
api-ms-win-core-heap-l1-1-0
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
api-ms-win-core-errorhandling-l1-1-0
RaiseException
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
api-ms-win-core-com-l1-1-0
CoTaskMemAlloc
CoInitializeEx
CoTaskMemFree
CoCreateGuid
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
IIDFromString
CoUninitialize
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventWriteTransfer
EventRegister
EventUnregister
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
api-ms-win-core-localization-l1-2-0
FormatMessageW
LCMapStringW
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
DebugBreak
OutputDebugStringW
OutputDebugStringA
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetLocalTime
GetSystemWindowsDirectoryW
GetTickCount64
GetTickCount
api-ms-win-core-registry-l1-1-0
RegEnumKeyExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegDeleteTreeW
api-ms-win-core-kernel32-legacy-l1-1-0
LoadLibraryW
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineA
GetEnvironmentVariableW
ExpandEnvironmentStringsW
api-ms-win-core-heap-obsolete-l1-1-0
LocalAlloc
LocalFree
api-ms-win-service-management-l1-1-0
CloseServiceHandle
OpenServiceW
OpenSCManagerW
api-ms-win-service-winsvc-l1-1-0
ControlService
QueryServiceStatus
api-ms-win-core-file-l1-1-0
WriteFile
FindClose
CreateDirectoryW
FindNextFileW
SetFileAttributesW
CreateFileW
GetFileAttributesW
FlushFileBuffers
GetFullPathNameW
GetFileSize
FindFirstFileW
SetFilePointer
FileTimeToLocalFileTime
DeleteFileW
SetEndOfFile
GetFileInformationByHandle
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
api-ms-win-core-memory-l1-1-0
VirtualAlloc
VirtualFree
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-core-processthreads-l1-1-1
FlushInstructionCache
IsProcessorFeaturePresent
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-devices-config-l1-1-0
CM_Open_DevNode_Key
CM_Get_Device_ID_ListW
CM_Get_DevNode_PropertyW
CM_Locate_DevNodeW
CM_Get_DevNode_Status
CM_Get_Device_ID_List_SizeW
CM_Set_DevNode_PropertyW
rpcrt4
UuidCreate
RpcExceptionFilter
MesHandleFree
NdrMesTypeEncode3
RpcServerInterfaceGroupClose
RpcServerInterfaceGroupActivate
RpcServerInterfaceGroupCreateW
RpcServerInterfaceGroupDeactivate
NdrServerCallAll
NdrServerCall2
MesEncodeDynBufferHandleCreate
oleaut32
SysFreeString
VariantInit
api-ms-win-core-path-l1-1-0
PathCchRemoveFileSpec
PathCchCanonicalize
PathCchCombine
ws2_32
WSCUnInstallNameSpace
WSCInstallNameSpace
WSCInstallNameSpace32
WSCUnInstallNameSpace32
netsetupapi
NetSetupFreeObjects
NetSetupGetObjects
NetSetupSynchronizeDevices
NetSetupSerializeFilter
NetSetupFreeSerializedFilter
NetSetupFreeObjectProperties
NetSetupGetObjectPropertyKeys
NetSetupCommit
NetSetupGetObjectProperties
NetSetupDeleteObject
NetSetupRollback
NetSetupSetObjectProperties
NetSetupClose
NetSetupInitialize
NetSetupCreateObject
setupapi
SetupDiEnumDriverInfoW
SetupScanFileQueueW
SetupInstallFilesFromInfSectionW
SetupInitDefaultQueueCallbackEx
SetupOpenFileQueue
SetupInstallFromInfSectionW
SetupDefaultQueueCallbackW
SetupOpenAppendInfFileW
SetupInstallServicesFromInfSectionW
SetupCloseInfFile
SetupCloseFileQueue
SetupCommitFileQueueW
SetupTermDefaultQueueCallback
SetupDiDestroyDeviceInfoList
SetupDiGetActualSectionToInstallW
SetupCopyOEMInfW
SetupGetLineTextW
SetupDiGetClassDevsW
SetupDiRemoveDevice
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupGetStringFieldW
SetupGetIntField
SetupDiGetDriverInstallParamsW
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiSetDeviceInstallParamsW
SetupDiCallClassInstaller
SetupDiGetSelectedDriverW
SetupDiSetDriverInstallParamsW
SetupDiBuildDriverInfoList
SetupDiGetDriverInfoDetailW
SetupDiDeleteDeviceInfo
SetupDiSelectBestCompatDrv
SetupDiGetDeviceInstallParamsW
pSetupGetIndirectStringsFromDriverInfo
SetupDiCreateDeviceInfoW
SetupFindFirstLineW
SetupFindNextLine
SetupOpenInfFileW
devrtl
DevRtlGetThreadLogToken
DevRtlSetThreadLogToken
api-ms-win-core-sidebyside-l1-1-0
DeactivateActCtx
ActivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CreateActCtxW
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
api-ms-win-core-file-l2-1-0
CreateHardLinkW
MoveFileExW
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
Exports
Exports
DllCanUnloadNow
DllGetClassObject
NetSetupCreateBindingMap
NetSetupExportDatabase
NetSetupResetBindings
NetSetupShimExecuteInfSection
Sections
.text Size: 302KB - Virtual size: 301KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 127KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
neth/PeerDistSh.dll.dll windows:10 windows x64 arch:x64
85089929320dd2893956453cd4e6493a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
peerdistsh.pdb
Imports
msvcrt
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
memset
wcsncmp
wcschr
_onexit
__dllonexit
_wcsnicmp
_unlock
_lock
__C_specific_handler
_initterm
_vsnwprintf
_amsg_exit
_XcptFilter
memcpy
memcmp
__CxxFrameHandler3
_CxxThrowException
??0exception@@QEAA@AEBQEBDH@Z
malloc
free
_callnewh
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
iswspace
_wcstoui64
_purecall
memmove
wcscmp
ntdll
EtwGetTraceLoggerHandle
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwEventActivityIdControl
EtwGetTraceEnableLevel
EtwTraceMessage
api-ms-win-core-synch-l1-1-0
DeleteCriticalSection
WaitForSingleObject
LeaveCriticalSection
CreateEventW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
api-ms-win-core-errorhandling-l1-1-0
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-libraryloader-l1-2-0
LoadStringW
api-ms-win-core-com-l1-1-0
CoInitializeEx
CoUninitialize
CoCreateInstance
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-core-file-l1-1-0
DeleteFileW
CreateDirectoryW
api-ms-win-core-string-l2-1-1
SHLoadIndirectString
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
SetThreadToken
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
shlwapi
PathIsDirectoryEmptyW
PathIsDirectoryW
PathCanonicalizeW
advapi32
OpenProcessToken
OpenThreadToken
GetNamedSecurityInfoW
RegOpenKeyTransactedW
GetExplicitEntriesFromAclW
SetEntriesInAclW
SetNamedSecurityInfoW
netsh.exe
MatchEnumTag
PreprocessCommand
RegisterContext
MatchToken
PrintMessage
PrintError
RegisterHelper
PrintMessageFromModule
kernel32
WideCharToMultiByte
HeapFree
SetLastError
GetProcessMitigationPolicy
DeleteTimerQueueEx
SubmitThreadpoolWork
CreateThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
CloseThreadpoolCleanupGroup
CreateThreadpoolWork
CloseThreadpoolWork
GetFullPathNameW
GetFileSizeEx
CreateFileW
RaiseFailFastException
SleepEx
RegSetKeySecurity
RegGetKeySecurity
RegDeleteTreeW
LocalAlloc
FindClose
RemoveDirectoryW
FindNextFileW
lstrcmpW
FindFirstFileExW
GetDiskFreeSpaceExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyExW
SetEventWhenCallbackReturns
RegSetValueExW
GetTickCount64
RegGetValueW
RegNotifyChangeKeyValue
RegOpenKeyExW
WaitForMultipleObjectsEx
CreateThread
RegCloseKey
GetExitCodeThread
SetEvent
GetModuleHandleExW
HeapAlloc
GetProcessHeap
GetWindowsDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameW
GetCurrentThread
WriteFile
ReadFile
GetVolumePathNameW
GetVolumeInformationW
CompareStringW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
InitializeSRWLock
AcquireSRWLockShared
ReleaseSRWLockShared
rpcrt4
NdrClientCall3
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcStringFreeW
api-ms-win-security-base-l1-1-0
GetSecurityDescriptorOwner
GetTokenInformation
GetSecurityDescriptorGroup
IsValidSecurityDescriptor
SetSecurityDescriptorControl
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
GetSecurityDescriptorDacl
EqualSid
CreateWellKnownSid
GetAce
GetAclInformation
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidAcl
GetSecurityDescriptorControl
api-ms-win-security-sddl-l1-1-0
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
bcrypt
BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptGetProperty
BCryptDestroyHash
BCryptCreateHash
BCryptGenerateSymmetricKey
BCryptHashData
BCryptFinishHash
BCryptEncrypt
BCryptDecrypt
BCryptOpenAlgorithmProvider
api-ms-win-service-management-l1-1-0
OpenSCManagerW
CloseServiceHandle
StartServiceW
OpenServiceW
api-ms-win-service-management-l2-1-0
NotifyServiceStatusChangeW
ChangeServiceConfigW
ChangeServiceConfig2W
QueryServiceConfigW
QueryServiceStatusEx
api-ms-win-service-winsvc-l1-1-0
ControlService
api-ms-win-service-core-l1-1-1
EnumDependentServicesW
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
profapi
ord104
api-ms-win-core-localization-private-l1-1-0
LoadStringByReference
Exports
Exports
InitHelperDll
Sections
.text Size: 247KB - Virtual size: 246KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
neth/neth.dll.dll windows:10 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Sections
.rdata Size: 512B - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
neth/sdohlp.dll.dll regsvr32 windows:10 windows x64 arch:x64
3f11fe32166bcd81c630499ad66af23b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
sdohlp.pdb
Imports
msvcrt
strcspn
sprintf_s
realloc
_strtoui64
_strtoi64
_errno
__crtLCMapStringA
___lc_codepage_func
___lc_handle_func
isupper
__pctype_func
_CxxThrowException
setlocale
??0bad_cast@@QEAA@PEBD@Z
fclose
fwrite
fgetpos
fseek
fsetpos
abort
fflush
wcstol
ungetwc
ungetc
fputwc
fgetc
___mb_cur_max_func
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@AEBV0@@Z
fgetwc
??0exception@@QEAA@XZ
memmove_s
??0exception@@QEAA@AEBQEBD@Z
_wcsnicmp
localeconv
swprintf_s
_wcsicmp
?what@exception@@UEBAPEBDXZ
_purecall
islower
wcscat_s
wcscpy_s
_callnewh
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
_Gettnames
_Getdays
_Getmonths
_Strftime
isspace
tolower
___lc_collate_cp_func
__crtCompareStringA
__crtCompareStringW
memcpy
isalnum
isdigit
_XcptFilter
_amsg_exit
_initterm
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_lock
_unlock
__dllonexit
_onexit
memchr
memcmp
memcpy_s
free
malloc
wcsncpy_s
__C_specific_handler
memset
__mb_cur_max
__crtGetStringTypeW
__crtLCMapStringW
_wfsopen
wcschr
__CxxFrameHandler3
setvbuf
_wcsupr_s
wcsrchr
_wtol
_strnicmp
vsprintf_s
__uncaught_exception
__RTDynamicCast
iassvcs
IASGetProductLimits
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlAllocateHeap
RtlImageNtHeader
advapi32
OpenSCManagerA
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
RegConnectRegistryW
OpenServiceA
QueryServiceStatusEx
CloseServiceHandle
RegQueryValueExW
RegCloseKey
kernel32
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
OutputDebugStringA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoA
Sleep
LocalFree
WideCharToMultiByte
GetSystemInfo
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
FindResourceExW
LoadResource
SizeofResource
MultiByteToWideChar
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
FormatMessageW
ExpandEnvironmentStringsW
LoadLibraryExW
GetComputerNameExW
VirtualProtect
VirtualAlloc
SetThreadStackGuarantee
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
lstrlenA
SwitchToThread
TryEnterCriticalSection
lstrcmpW
LockResource
FindResourceW
LocalAlloc
SleepConditionVariableSRW
ole32
CoTaskMemFree
CoTaskMemAlloc
OleRun
CoCreateInstanceEx
CoGetClassObject
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
oleaut32
VariantCopy
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SysFreeString
VarUI4FromStr
GetErrorInfo
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SafeArrayPutElement
SafeArrayGetElement
SysReAllocString
LoadRegTypeLi
SafeArrayCreate
SafeArrayDestroy
VariantClear
VariantInit
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
SafeArrayCreateVector
rtutils
TraceVprintfExA
TraceDeregisterW
TraceRegisterExW
user32
LoadStringW
UnregisterClassA
CharNextW
rpcrt4
UuidCreate
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 339KB - Virtual size: 339KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 119KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
setup.msi.msi
-
sud/StorSvc.dll.dll windows:10 windows x64 arch:x64
e6229e3089a2a7d1aaee68aaa419557d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
StorSvc.pdb
Imports
msvcrt
strcspn
localeconv
sprintf_s
fflush
fclose
fputwc
ungetwc
fgetc
__mb_cur_max
fgetwc
fwrite
fgetpos
setvbuf
ungetc
time
_wcstoui64
_fseeki64
strtod
strtoul
wcstod
realloc
wcsnlen
towlower
calloc
vswprintf_s
_vscwprintf
wcsncmp
setlocale
__pctype_func
isupper
___lc_handle_func
___lc_codepage_func
___mb_cur_max_func
_ismbblead
islower
__uncaught_exception
wcsstr
fseek
_wfsopen
abort
memset
??0bad_cast@@QEAA@PEBD@Z
__crtLCMapStringW
__crtLCMapStringA
_wsetlocale
_wcslwr_s
memchr
memcmp
sqrt
_errno
swprintf_s
log10
?terminate@@YAXXZ
_wcslwr
??0bad_cast@@QEAA@AEBV0@@Z
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
memmove
memcpy
_CxxThrowException
??1bad_cast@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_callnewh
_wcsdup
_wtoi
_wcsupr_s
_i64toa_s
malloc
wcsrchr
free
wcschr
wcscpy_s
_wsplitpath_s
_wcsicmp
??_V@YAXPEAX@Z
memmove_s
wcstoul
_wcsnicmp
_purecall
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
wcsncat_s
exp
wcstol
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
__CxxFrameHandler3
??3@YAXPEAX@Z
memcpy_s
_vsnwprintf
fsetpos
wcscmp
rpcrt4
I_RpcBindingInqLocalClientPID
RpcServerInqBindings
RpcEpRegisterW
RpcEpUnregister
RpcAsyncCompleteCall
RpcServerRegisterIf3
RpcServerTestCancel
RpcServerUseProtseqW
RpcServerUnregisterIfEx
RpcBindingVectorFree
RpcRevertToSelf
RpcImpersonateClient
Ndr64AsyncServerCallAll
NdrServerCall2
NdrServerCallAll
RpcServerUnregisterIf
NdrAsyncServerCall
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleExW
GetModuleFileNameA
LoadStringW
GetModuleHandleW
LoadResource
LockResource
FreeLibrary
FindResourceExW
LoadLibraryExW
GetProcAddress
api-ms-win-core-heap-l1-1-0
HeapFree
GetProcessHeap
HeapAlloc
api-ms-win-core-com-l1-1-0
IIDFromString
CoInitializeEx
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CLSIDFromString
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
CoGetMalloc
CoWaitForMultipleHandles
CoCreateGuid
api-ms-win-core-processthreads-l1-1-0
CreateThread
TerminateProcess
SetThreadToken
GetCurrentProcessId
TlsAlloc
TlsFree
OpenProcessToken
TlsSetValue
GetCurrentThreadId
OpenThreadToken
GetExitCodeThread
TlsGetValue
GetCurrentThread
GetCurrentProcess
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
DebugBreak
OutputDebugStringW
IsDebuggerPresent
api-ms-win-core-synch-l1-1-0
AcquireSRWLockExclusive
CreateEventExW
ReleaseSRWLockExclusive
AcquireSRWLockShared
DeleteCriticalSection
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
InitializeCriticalSection
InitializeSRWLock
InitializeCriticalSectionEx
LeaveCriticalSection
ReleaseSemaphore
ResetEvent
EnterCriticalSection
CreateSemaphoreExW
CreateEventW
WaitForSingleObject
ReleaseSRWLockShared
SetEvent
CreateMutexW
CreateMutexExW
api-ms-win-core-errorhandling-l1-1-0
GetLastError
GetErrorMode
SetUnhandledExceptionFilter
RaiseException
SetErrorMode
UnhandledExceptionFilter
SetLastError
api-ms-win-core-io-l1-1-0
GetOverlappedResult
DeviceIoControl
api-ms-win-core-threadpool-l1-2-0
CloseThreadpoolWork
SetThreadpoolWait
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWait
CreateThreadpoolWait
SetThreadpoolTimer
CloseThreadpoolTimer
CreateThreadpoolWork
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
WaitForThreadpoolWaitCallbacks
api-ms-win-core-file-l1-2-0
GetTempPathW
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventRegister
EventWriteTransfer
EventActivityIdControl
EventUnregister
EventWriteString
api-ms-win-core-file-l1-1-0
FindNextFileW
ReadFile
FindNextVolumeW
QueryDosDeviceW
GetLogicalDrives
FindVolumeClose
GetFileSize
RemoveDirectoryW
GetVolumeInformationW
SetFilePointerEx
FindClose
FindFirstFileW
GetVolumeInformationByHandleW
FindFirstVolumeW
WriteFile
CreateFileW
GetFileAttributesW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetDiskFreeSpaceW
FindNextChangeNotification
GetFileSizeEx
GetDiskFreeSpaceExW
SetFileInformationByHandle
GetVolumePathNameW
SetFileAttributesW
GetDriveTypeW
GetFinalPathNameByHandleW
DeleteVolumeMountPointW
CompareFileTime
FindFirstFileExW
DeleteFileW
CreateDirectoryW
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegOpenCurrentUser
RegFlushKey
RegSetValueExW
RegDeleteTreeW
RegCreateKeyExW
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW
RegNotifyChangeKeyValue
RegDeleteValueW
RegGetValueW
RegQueryInfoKeyW
RegCloseKey
devobj
DevObjGetDeviceInterfaceDetail
DevObjOpenDeviceInterface
DevObjGetClassDevs
DevObjEnumDeviceInterfaces
DevObjDestroyDeviceInfoList
DevObjCreateDeviceInfoList
api-ms-win-core-heap-l2-1-0
LocalAlloc
LocalFree
bcrypt
BCryptGenRandom
api-ms-win-core-kernel32-legacy-l1-1-1
SetVolumeMountPointW
api-ms-win-core-registry-l1-1-1
RegDeleteKeyValueW
RegSetKeyValueW
api-ms-win-security-base-l1-1-0
DuplicateTokenEx
DuplicateToken
ImpersonateLoggedOnUser
CreateWellKnownSid
CheckTokenMembership
GetTokenInformation
AdjustTokenPrivileges
RevertToSelf
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
CompareStringOrdinal
MultiByteToWideChar
GetStringTypeW
api-ms-win-core-winrt-string-l1-1-0
WindowsStringHasEmbeddedNull
WindowsGetStringRawBuffer
WindowsIsStringEmpty
WindowsCreateStringReference
WindowsDeleteString
api-ms-win-core-winrt-l1-1-0
RoActivateInstance
RoGetActivationFactory
api-ms-win-core-shlwapi-legacy-l1-1-0
PathGetDriveNumberW
PathFindFileNameW
PathStripPathW
PathFileExistsW
PathFindExtensionW
api-ms-win-shcore-taskpool-l1-1-0
SHTaskPoolQueueTask
api-ms-win-core-winrt-error-l1-1-0
RoOriginateError
SetRestrictedErrorInfo
RoOriginateErrorW
api-ms-win-shcore-path-l1-1-0
ord172
ntdll
NtCreateFile
RtlNtStatusToDosError
NtFsControlFile
WinSqmIncrementDWORD
RtlImpersonateSelf
NtClose
NtOpenThreadTokenEx
NtSetInformationThread
NtOpenProcessTokenEx
NtAdjustPrivilegesToken
RtlDosPathNameToNtPathName_U
RtlInitUnicodeString
NtQueryInformationToken
NtQuerySystemInformation
RtlIsNonEmptyDirectoryReparsePointAllowed
RtlQueryWnfStateData
RtlInitializeCorrelationVector
NtQueryVolumeInformationFile
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlIsMultiSessionSku
RtlCreateSystemVolumeInformationFolder
RtlGetPersistedStateLocation
RtlDosPathNameToRelativeNtPathName_U_WithStatus
RtlGetDeviceFamilyInfoEnum
RtlSubscribeWnfStateChangeNotification
RtlCreateSecurityDescriptor
RtlCreateAcl
RtlFreeHeap
RtlFreeSid
RtlAddAccessAllowedAce
RtlLengthSid
RtlAllocateAndInitializeSid
NtQueryWnfStateData
RtlPublishWnfStateData
RtlSetDaclSecurityDescriptor
RtlAllocateHeap
api-ms-win-core-sysinfo-l1-1-0
GetTickCount64
GetSystemTimeAsFileTime
GetSystemTime
GetSystemWindowsDirectoryW
GetTickCount
GetSystemDirectoryW
api-ms-win-core-synch-l1-2-0
InitOnceComplete
InitOnceExecuteOnce
Sleep
InitOnceBeginInitialize
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-service-management-l1-1-0
OpenServiceW
CloseServiceHandle
OpenSCManagerW
api-ms-win-service-management-l2-1-0
ChangeServiceConfig2W
ChangeServiceConfigW
fltlib
FilterAttach
api-ms-win-core-winrt-error-l1-1-1
RoGetMatchingRestrictedErrorInfo
api-ms-win-security-provider-l1-1-0
SetNamedSecurityInfoW
GetNamedSecurityInfoW
api-ms-win-devices-config-l1-1-1
CM_Get_Device_IDW
CM_Get_Device_Interface_PropertyW
CM_Register_Notification
CM_Unregister_Notification
CM_Get_Parent
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_ListW
api-ms-win-core-path-l1-1-0
PathCchCombine
PathCchAppend
PathCchRemoveBackslash
PathAllocCanonicalize
PathAllocCombine
PathCchStripPrefix
PathCchRemoveFileSpec
api-ms-win-core-apiquery-l2-1-0
IsApiSetImplemented
api-ms-win-core-file-l2-1-2
CopyFileW
api-ms-win-core-realtime-l1-1-1
QueryInterruptTime
api-ms-win-core-file-l2-1-0
GetFileInformationByHandleEx
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
CreateSemaphoreW
api-ms-win-core-registry-l2-1-0
RegOpenKeyW
RegCreateKeyW
api-ms-win-core-timezone-l1-1-0
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
FileTimeToSystemTime
oleaut32
SysAllocString
SysFreeString
api-ms-win-core-datetime-l1-1-1
GetTimeFormatEx
GetDateFormatEx
api-ms-win-core-shutdown-l1-1-0
InitiateSystemShutdownExW
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-security-capability-l1-1-0
RpcClientCapabilityCheck
api-ms-win-service-core-l1-1-0
SetServiceStatus
RegisterServiceCtrlHandlerExW
api-ms-win-core-threadpool-legacy-l1-1-0
UnregisterWaitEx
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
bcd
BcdCloseObject
BcdOpenStoreFromFile
BcdCloseStore
BcdSetElementData
BcdOpenSystemStore
BcdOpenObject
BcdGetElementData
wer
WerStorePurge
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
api-ms-win-core-file-l2-1-1
OpenFileById
api-ms-win-core-memory-l1-1-0
VirtualAlloc
VirtualFree
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
winhttp
WinHttpCloseHandle
cabinet
ord45
ord35
ord30
ord43
ord40
ord33
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
api-ms-win-eventing-controller-l1-1-0
ControlTraceW
EnableTraceEx2
api-ms-win-core-errorhandling-l1-1-2
RaiseFailFastException
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
ServiceMain
SvchostPushServiceGlobals
Sections
.text Size: 674KB - Virtual size: 674KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 295KB - Virtual size: 294KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 376B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
sud/security.dll.dll windows:10 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
security.pdb
Exports
Exports
AcceptSecurityContext
AcquireCredentialsHandleA
AcquireCredentialsHandleW
AddSecurityPackageA
AddSecurityPackageW
ApplyControlToken
CompleteAuthToken
DecryptMessage
DeleteSecurityContext
DeleteSecurityPackageA
DeleteSecurityPackageW
EncryptMessage
EnumerateSecurityPackagesA
EnumerateSecurityPackagesW
ExportSecurityContext
FreeContextBuffer
FreeCredentialsHandle
ImpersonateSecurityContext
ImportSecurityContextA
ImportSecurityContextW
InitSecurityInterfaceA
InitSecurityInterfaceW
InitializeSecurityContextA
InitializeSecurityContextW
MakeSignature
QueryContextAttributesA
QueryContextAttributesW
QueryCredentialsAttributesA
QueryCredentialsAttributesW
QuerySecurityContextToken
QuerySecurityPackageInfoA
QuerySecurityPackageInfoW
RevertSecurityContext
SealMessage
UnsealMessage
VerifySignature
Sections
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
sud/sppnp.dll.dll windows:10 windows x64 arch:x64
6701f021b3c20d373c51755a736bbc37
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
sppnp.pdb
Imports
msvcrt
_vsnwprintf_s
swprintf_s
__CxxFrameHandler3
_vsnwprintf
?terminate@@YAXXZ
wcscpy_s
wcschr
toupper
_vsnprintf
_resetstkoflw
memcmp
memcpy
memmove
_onexit
__dllonexit
_unlock
_lock
_initterm
_amsg_exit
_XcptFilter
free
_callnewh
malloc
swscanf
__C_specific_handler
wcsrchr
_wcsnicmp
iswalpha
qsort
swscanf_s
_wcsicmp
wcsncpy_s
memset
ntdll
RtlFreeHeap
RtlAllocateHeap
DbgPrint
RtlAdjustPrivilege
NtDeleteValueKey
NtSetValueKey
NtQueryValueKey
RtlRaiseStatus
NtOpenKey
RtlFreeUnicodeString
RtlFormatCurrentUserKeyPath
RtlMultiByteToUnicodeN
RtlMultiByteToUnicodeSize
RtlUnicodeToMultiByteN
RtlUnicodeToMultiByteSize
NtSetInformationFile
NtQueryInformationFile
RtlGetVersion
NtDeleteKey
DbgPrintEx
NtCreateKey
NtOpenKeyEx
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlNtStatusToDosError
RtlInitUnicodeString
NtUnloadKeyEx
NtQuerySystemInformation
RtlNtStatusToDosErrorNoTeb
RtlInitUnicodeStringEx
NtClose
NtQueryWnfStateData
user32
GetPropW
SetWindowPos
IsWindowVisible
GetDC
DestroyWindow
FindWindowExW
DefWindowProcW
GetMessageW
GetWindowLongW
FillRect
LoadBitmapW
SendMessageW
CreateWindowExW
LoadStringW
GetSystemMetrics
SetWindowTextW
SetClassLongPtrW
NotifyWinEvent
RegisterClassExW
SetThreadDesktop
ShowWindow
DispatchMessageW
SetTimer
MapWindowPoints
SetFocus
SetPropW
TranslateMessage
GetWindowTextW
EndPaint
BeginPaint
ReleaseDC
InvalidateRect
LoadImageW
UpdateWindow
PostQuitMessage
KillTimer
DrawTextW
GetClientRect
SetCursor
cfgmgr32
CM_Get_DevNode_Status
CMP_GetServerSideDeviceInstallFlags
CMP_WaitNoPendingInstallEvents
CM_MapCrToWin32Err
CM_Reenumerate_DevNode
setupapi
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupUninstallOEMInfW
SetupGetInfPublishedNameW
SetupGetInfDriverStoreLocationW
SetupDiOpenDeviceInfoW
SetupVerifyInfFileW
SetupDiRemoveDevice
SetupDiSetDeviceInstallParamsW
SetupDiGetDevicePropertyW
SetupDiCallClassInstaller
SetupDiGetDeviceInfoListDetailW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoList
SetupDiGetClassDevsExW
SetupDiGetDeviceInstallParamsW
PnpEnumDrpFile
PnpRepairWindowsProtectedDriver
pSetupInfGetDigitalSignatureInfo
pSetupInfSetDigitalSignatureInfo
pSetupInfIsInbox
pSetupFree
SetupWriteTextLogError
SetupWriteTextLog
SetupSetNonInteractiveMode
SetupSetThreadLogToken
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupGetThreadLogToken
newdev
DiInstallDevice
DiInstallDriverW
oleaut32
SysAllocString
SysFreeString
wevtapi
EvtClearLog
wdscore
WdsInitialize
WdsTerminate
WdsSetupLogMessageW
ConstructPartialMsgVW
CurrentIP
drvstore
DriverStoreReflectCriticalW
DriverPackageGetVersionInfoW
DriverStoreSetLogContext
DriverStoreFindW
DriverPackageClose
DriverPackageOpenW
DriverStoreEnumW
DriverStoreEnumDeviceDriversW
DriverStoreOpenW
DriverStoreSetObjectPropertyW
DriverStoreGetObjectPropertyW
DriverStoreClose
api-ms-win-devices-query-l1-1-0
DevFreeObjects
DevGetObjects
DevSetObjectProperties
api-ms-win-core-registry-l1-1-0
RegUnLoadKeyW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteTreeW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyExW
RegSetValueExW
RegLoadKeyW
RegCloseKey
RegNotifyChangeKeyValue
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
GetCurrentThread
GetCurrentProcess
OpenProcessToken
OpenThreadToken
SetThreadToken
GetExitCodeProcess
CreateProcessW
GetExitCodeThread
CreateThread
QueueUserAPC
ExitProcess
GetCurrentThreadId
GetCurrentProcessId
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-security-base-l1-1-0
EqualSid
AdjustTokenPrivileges
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
GetKernelObjectSecurity
DuplicateTokenEx
GetSecurityDescriptorSacl
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventRegister
EventUnregister
api-ms-win-eventing-classicprovider-l1-1-0
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
TraceEvent
api-ms-win-service-management-l1-1-0
OpenSCManagerW
OpenServiceW
StartServiceW
CloseServiceHandle
api-ms-win-security-sddl-l1-1-0
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
api-ms-win-service-core-l1-1-2
GetServiceKeyNameW
api-ms-win-service-winsvc-l1-1-0
QueryServiceStatus
api-ms-win-core-errorhandling-l1-1-0
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
SetErrorMode
SetLastError
api-ms-win-core-string-l1-1-0
CompareStringW
CompareStringOrdinal
WideCharToMultiByte
api-ms-win-core-synch-l1-1-0
WaitForMultipleObjectsEx
ReleaseMutex
CreateMutexW
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ResetEvent
WaitForSingleObjectEx
SetEvent
OpenEventW
CreateEventW
WaitForSingleObject
LeaveCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
SleepEx
api-ms-win-core-synch-l1-2-0
SleepConditionVariableSRW
WakeAllConditionVariable
Sleep
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineA
GetEnvironmentVariableW
ExpandEnvironmentStringsW
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
api-ms-win-core-file-l1-1-0
SetEndOfFile
CreateFileW
SetFileAttributesW
GetFileInformationByHandle
SetFilePointer
FlushFileBuffers
GetFileSize
WriteFile
FileTimeToLocalFileTime
GetFullPathNameW
DeleteFileW
GetFileAttributesW
FindNextFileW
FindFirstFileW
CompareFileTime
FindClose
CreateDirectoryW
api-ms-win-core-file-l2-1-0
MoveFileExW
CreateHardLinkW
api-ms-win-core-kernel32-legacy-l1-1-0
MulDiv
FindResourceW
LoadLibraryW
api-ms-win-security-provider-l1-1-0
SetNamedSecurityInfoW
GetNamedSecurityInfoW
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
api-ms-win-core-libraryloader-l1-2-0
LoadResource
GetModuleHandleExW
GetProcAddress
FreeLibrary
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
LoadLibraryExW
SizeofResource
LockResource
api-ms-win-core-localization-l1-2-0
GetLocaleInfoEx
FormatMessageW
LCMapStringW
GetLocaleInfoW
GetThreadLocale
api-ms-win-core-memory-l1-1-0
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
api-ms-win-core-sysinfo-l1-1-0
GetSystemWindowsDirectoryW
GetTickCount64
GetTickCount
GetSystemTimeAsFileTime
GetVersionExW
GetLocalTime
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
kernel32
IsDebuggerPresent
QueryFullProcessImageNameW
LocalFree
K32EnumProcesses
GetSystemDefaultUILanguage
FileTimeToSystemTime
api-ms-win-core-com-l1-1-0
CoInitializeEx
CoCreateInstance
CoUninitialize
gdi32
SetWorldTransform
SetTextAlign
SetMapMode
TextOutW
SetBrushOrgEx
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetStockObject
GetDeviceCaps
GetTextAlign
GetTextExtentPoint32W
SetTextColor
SetBkMode
GetObjectW
SetBkColor
SetStretchBltMode
DeleteObject
CreateSolidBrush
CreateFontIndirectW
GdiAlphaBlend
AddFontMemResourceEx
CreateDIBitmap
GetTextMetricsW
SetGraphicsMode
SetLayout
RemoveFontMemResourceEx
DeleteDC
SetTextCharacterExtra
Exports
Exports
Sysprep_Generalize_Pnp
Sysprep_Generalize_Pnp_Drivers
Sysprep_Respecialize_Pnp
Sysprep_RunDll_PnpW
Sysprep_Specialize_Offline_Pnp
Sysprep_Specialize_Pnp
Sections
.text Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 320B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
sud/sud.dll.dll regsvr32 windows:10 windows x64 arch:x64
181d2c12215fad899c0c4a65e72344bd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
sud.pdb
Imports
msvcrt
_XcptFilter
_vsnwprintf
malloc
_amsg_exit
_vsnprintf_s
_onexit
calloc
free
_initterm
_lock
_unlock
__dllonexit
__C_specific_handler
_get_errno
_set_errno
_wcsupr
memcmp
memcpy
_wcslwr
memmove_s
__CxxFrameHandler3
memcpy_s
memset
shell32
ord102
ShellExecuteW
ord71
ord848
ord155
SHGetStockIconInfo
SHBindToObject
ord25
ord18
SHParseDisplayName
ord764
ord727
SHCreateItemInKnownFolder
ShellExecuteExW
SHGetFileInfoW
ord859
ord4
ord2
ord704
ord866
Shell_GetCachedImageIndexW
shlwapi
ord487
ord156
ord618
ord24
ord514
ord197
ord219
ord174
ord204
ord256
ord615
ord437
ord158
ord199
ord176
AssocCreate
ord538
ord388
ord172
SHStrDupW
ord629
StrCmpIW
ord16
ord278
PathFindFileNameW
SHRegGetValueW
SHRegGetUSValueW
ord165
PathParseIconLocationW
uxtheme
SetWindowTheme
ord120
ord121
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleW
FindResourceExW
LoadResource
LockResource
DisableThreadLibraryCalls
GetProcAddress
LoadLibraryExW
LoadStringW
GetModuleFileNameA
GetModuleHandleExW
GetModuleFileNameW
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceBeginInitialize
InitOnceComplete
api-ms-win-core-synch-l1-1-0
CreateMutexExW
AcquireSRWLockShared
CreateSemaphoreExW
EnterCriticalSection
ReleaseSemaphore
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
WaitForMultipleObjectsEx
AcquireSRWLockExclusive
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseSRWLockShared
InitializeCriticalSectionEx
api-ms-win-core-heap-l1-1-0
HeapFree
HeapDestroy
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
RaiseException
GetLastError
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventEnabled
EventSetInformation
EventWrite
EventWriteTransfer
EventRegister
EventActivityIdControl
api-ms-win-core-threadpool-l1-2-0
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
DebugBreak
IsDebuggerPresent
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-registry-l1-1-0
RegQueryInfoKeyW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegGetValueW
RegOpenKeyExW
api-ms-win-core-com-l1-1-0
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
PropVariantClear
CoWaitForMultipleHandles
CoTaskMemRealloc
CoGetMalloc
CoGetApartmentType
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-psapi-l1-1-0
K32GetProcessImageFileNameW
api-ms-win-core-string-l1-1-0
CompareStringOrdinal
CompareStringW
api-ms-win-core-string-l2-1-0
CharUpperW
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
oleaut32
VariantClear
api-ms-win-core-winrt-string-l1-1-0
WindowsDeleteString
WindowsGetStringRawBuffer
WindowsCreateStringReference
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetTickCount
advapi32
RegEnumKeyW
advpack
RegInstallW
kernel32
lstrlenW
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx
ntdll
EtwEventWriteTransfer
EtwLogTraceEvent
WinSqmAddToStream
ole32
CoAllowSetForegroundWindow
propsys
PSPropertyBag_WriteUnknown
PSPropertyBag_ReadStr
dui70
?SetContentAlign@Element@DirectUI@@QEAAJH@Z
?GetAtomZero@Value@DirectUI@@SAPEAV12@XZ
?GetUnset@Value@DirectUI@@SAPEAV12@XZ
?SetActive@Element@DirectUI@@QEAAJH@Z
?GetStringNull@Value@DirectUI@@SAPEAV12@XZ
?CreateXBaby@XProvider@DirectUI@@UEAAJPEAVIXElementCP@2@PEAUHWND__@@PEAVElement@2@PEAKPEAPEAUIXBaby@2@@Z
?SetButtonClassAcceptsEnterKey@XProvider@DirectUI@@UEAAJ_N@Z
?SetRegisteredDefaultButton@XProvider@DirectUI@@UEAAJPEAVElement@2@@Z
?ClickDefaultButton@XProvider@DirectUI@@UEAAHXZ
?ForceThemeChange@XProvider@DirectUI@@UEAAJ_K_J@Z
?GetHostedElementID@XProvider@DirectUI@@UEAAJPEAG@Z
?FindElementWithShortcutAndDoDefaultAction@XProvider@DirectUI@@UEAAHGH@Z
?CanSetFocus@XProvider@DirectUI@@UEAAJPEA_N@Z
?Navigate@XProvider@DirectUI@@UEAAJHPEA_N@Z
?SetFocus@XProvider@DirectUI@@UEAAJPEAVElement@2@@Z
?IsDescendent@XProvider@DirectUI@@UEAAJPEAVElement@2@PEA_N@Z
?GetDesiredSize@XProvider@DirectUI@@UEAAJHHPEAUtagSIZE@@@Z
?SetParameter@XProvider@DirectUI@@UEAAJAEBU_GUID@@PEAX@Z
?AddRef@XProvider@DirectUI@@UEAAKXZ
?GetClassInfoPtr@HWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?SetDefaultButtonTracking@XProvider@DirectUI@@UEAAJ_N@Z
?SetHandleEnterKey@XProvider@DirectUI@@IEAAX_N@Z
?CreateDUI@XProvider@DirectUI@@UEAAJPEAVIXElementCP@2@PEAPEAUHWND__@@@Z
?GetRoot@XProvider@DirectUI@@IEAAPEAVElement@2@XZ
?Initialize@XProvider@DirectUI@@QEAAJPEAVElement@2@PEAVIXProviderCP@2@@Z
?Create@XResourceProvider@DirectUI@@SAJPEAUHINSTANCE__@@PEBG11PEAPEAV12@@Z
?QueryInterface@XProvider@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
??1XProvider@DirectUI@@UEAA@XZ
??0XProvider@DirectUI@@QEAA@XZ
?GetChildren@Element@DirectUI@@QEAAPEAV?$DynamicArray@PEAVElement@DirectUI@@$0A@@2@PEAPEAVValue@2@@Z
?Init@NavReference@DirectUI@@QEAAXPEAVElement@2@PEAUtagRECT@@@Z
?GetAtom@Value@DirectUI@@QEAAGXZ
?Register@Element@DirectUI@@SAJXZ
?GetString@Value@DirectUI@@QEAAPEBGXZ
?GetValue@Element@DirectUI@@QEAAPEAVValue@2@PEBUPropertyInfo@2@HPEAUUpdateCache@2@@Z
?GetClassInfoPtr@Element@DirectUI@@SAPEAUIClassInfo@2@XZ
?SetID@Element@DirectUI@@QEAAJPEBG@Z
?SetAccessible@Element@DirectUI@@QEAAJ_N@Z
?SetAccRole@Element@DirectUI@@QEAAJH@Z
?SetConstrainLayout@RichText@DirectUI@@QEAAJH@Z
UnInitThread
StartMessagePump
UnInitProcessPriv
InitThread
InitProcessPriv
?Create@RichText@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?CreateGraphic@Value@DirectUI@@SAPEAV12@PEAUHICON__@@_N11@Z
?CreateGraphic@Value@DirectUI@@SAPEAV12@PEAUHBITMAP__@@EI_N11@Z
?EndDefer@Element@DirectUI@@QEAAXK@Z
?StartDefer@Element@DirectUI@@QEAAXPEAK@Z
?ContentProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetValue@Element@DirectUI@@QEAAJP6APEBUPropertyInfo@2@XZHPEAVValue@2@@Z
?SetLayoutPos@Element@DirectUI@@QEAAJH@Z
?SetEnabled@Element@DirectUI@@QEAAJ_N@Z
?GetEnabled@Element@DirectUI@@QEAA_NXZ
?IsContentProtected@Edit@DirectUI@@UEAA_NXZ
?GetMultiline@Edit@DirectUI@@QEAA_NXZ
?GetThemedBorder@Edit@DirectUI@@QEAA_NXZ
?SetMultiline@Edit@DirectUI@@QEAAJ_N@Z
?Initialize@Edit@DirectUI@@QEAAJIPEAVElement@2@PEAK@Z
?CreateHWND@Edit@DirectUI@@MEAAPEAUHWND__@@PEAU3@_N@Z
?OnNotify@Edit@DirectUI@@UEAA_NI_K_JPEA_J@Z
?MessageCallback@Edit@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?GetContentSize@Edit@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?OnInput@Edit@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?OnPropertyChanged@Edit@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?Register@Edit@DirectUI@@SAJXZ
?CreateAccNameLabel@HWNDHost@DirectUI@@IEAAPEAUHWND__@@PEAU3@@Z
??1Edit@DirectUI@@UEAA@XZ
??0Edit@DirectUI@@QEAA@XZ
?GetClassInfoPtr@Edit@DirectUI@@SAPEAUIClassInfo@2@XZ
?QueryInterface@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?GetHWND@HWNDHost@DirectUI@@UEAAPEAUHWND__@@XZ
?DefaultAction@CCBase@DirectUI@@UEAAJXZ
?PostCreate@CCBase@DirectUI@@MEAAXPEAUHWND__@@@Z
?Initialize@CCListView@DirectUI@@QEAAJIPEAVElement@2@PEAK@Z
??1CCListView@DirectUI@@UEAA@XZ
?OnReceivedDialogFocus@CCBase@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?OnLostDialogFocus@CCBase@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?OnCustomDraw@CCBase@DirectUI@@UEAA_NPEAUtagNMCUSTOMDRAWINFO@@PEA_J@Z
?EraseBkgnd@HWNDHost@DirectUI@@MEAA_NPEAUHDC__@@PEA_J@Z
?CreateHWND@CCBase@DirectUI@@UEAAPEAUHWND__@@PEAU3@@Z
?SetWindowDirection@HWNDHost@DirectUI@@UEAAXPEAUHWND__@@@Z
?OnAdjustWindowSize@HWNDHost@DirectUI@@UEAAHHHI@Z
?OnWindowStyleChanged@HWNDHost@DirectUI@@UEAAX_KPEBUtagSTYLESTRUCT@@@Z
?OnCtrlThemeChanged@HWNDHost@DirectUI@@UEAA_NI_K_JPEA_J@Z
?OnSinkThemeChanged@HWNDHost@DirectUI@@UEAA_NI_K_JPEA_J@Z
?OnSysChar@HWNDHost@DirectUI@@UEAA_NG@Z
?OnMessage@HWNDHost@DirectUI@@UEAA_NI_K_JPEA_J@Z
?GetAccessibleImpl@HWNDHost@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?GetKeyFocused@HWNDHost@DirectUI@@UEAA_NXZ
?OnUnHosted@HWNDHost@DirectUI@@MEAAXPEAVElement@2@@Z
?OnHosted@HWNDHost@DirectUI@@MEAAXPEAVElement@2@@Z
?MessageCallback@HWNDHost@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?SetKeyFocus@HWNDHost@DirectUI@@UEAAXXZ
?GetContentSize@CCListView@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?Paint@HWNDHost@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnEvent@HWNDHost@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnDestroy@HWNDHost@DirectUI@@UEAAXXZ
?OnInput@CCBase@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?OnPropertyChanged@CCBase@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?Register@CCListView@DirectUI@@SAJXZ
?OnNotify@CCBase@DirectUI@@UEAA_NI_K_JPEA_J@Z
?FireEvent@Element@DirectUI@@QEAAXPEAUEvent@2@_N1@Z
??0CCListView@DirectUI@@QEAA@XZ
?GetClassInfoPtr@CCListView@DirectUI@@SAPEAUIClassInfo@2@XZ
?Release@Value@DirectUI@@QEAAXXZ
??0CritSecLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CritSecLock@DirectUI@@QEAA@XZ
?IsRTLReading@Element@DirectUI@@UEAA_NXZ
?IsContentProtected@Element@DirectUI@@UEAA_NXZ
?UpdateTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?ActivateTooltip@Element@DirectUI@@MEAAXPEAV12@K@Z
?RemoveTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?GetKeyFocused@Element@DirectUI@@UEAA_NXZ
?GetID@Element@DirectUI@@QEAAGXZ
?GetSelected@Element@DirectUI@@QEAA_NXZ
?SetVisible@Element@DirectUI@@QEAAJ_N@Z
?SetContentString@Element@DirectUI@@QEAAJPEBG@Z
?SetAccName@Element@DirectUI@@QEAAJPEBG@Z
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UEBAXXZ
?GetChildren@ClassInfoBase@DirectUI@@UEBAHXZ
?RemoveChild@ClassInfoBase@DirectUI@@UEAAXXZ
?AddChild@ClassInfoBase@DirectUI@@UEAAXXZ
?IsGlobal@ClassInfoBase@DirectUI@@UEBA_NXZ
?GetModule@ClassInfoBase@DirectUI@@UEBAPEAUHINSTANCE__@@XZ
?IsSubclassOf@ClassInfoBase@DirectUI@@UEBA_NPEAUIClassInfo@2@@Z
?IsValidProperty@ClassInfoBase@DirectUI@@UEBA_NPEBUPropertyInfo@2@@Z
?GetName@ClassInfoBase@DirectUI@@UEBAPEBGXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UEBAIXZ
?GetPICount@ClassInfoBase@DirectUI@@UEBAIXZ
?GetByClassIndex@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?Release@ClassInfoBase@DirectUI@@UEAAHXZ
?AddRef@ClassInfoBase@DirectUI@@UEAAXXZ
?GetUiaFocusDelegate@Element@DirectUI@@UEAAPEAV12@XZ
?HandleUiaEventListener@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UEAAXXZ
?GetElementProviderImpl@Element@DirectUI@@UEAAJPEAVInvokeHelper@2@PEAPEAVElementProvider@2@@Z
?GetUIAElementProvider@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?DefaultAction@Element@DirectUI@@UEAAJXZ
?GetAccessibleImpl@Element@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?OnUnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?OnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MEAAXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UEAAXPEAUtagRECT@@@Z
?MessageCallback@Element@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?RemoveBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?AddBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?SetKeyFocus@Element@DirectUI@@UEAAXXZ
?EnsureVisible@Element@DirectUI@@UEAA_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UEAAPEAV12@PEAV12@HPEBUNavReference@2@K@Z
?Remove@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?Insert@Element@DirectUI@@UEAAJPEAPEAV12@II@Z
?Add@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?GetContentSize@Element@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?Paint@Element@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnDestroy@Element@DirectUI@@UEAAXXZ
?OnMouseFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnKeyFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?GetContentStringAsDisplayed@Element@DirectUI@@UEAAPEBGPEAPEAVValue@2@@Z
??1ClassInfoBase@DirectUI@@UEAA@XZ
??0ClassInfoBase@DirectUI@@QEAA@XZ
?Destroy@Element@DirectUI@@QEAAJ_N@Z
?Initialize@ClassInfoBase@DirectUI@@QEAAJPEAUHINSTANCE__@@PEBG_NPEBQEBUPropertyInfo@2@I@Z
?Register@ClassInfoBase@DirectUI@@QEAAJXZ
?ClassExist@ClassInfoBase@DirectUI@@SA_NPEAPEAUIClassInfo@2@PEBQEBUPropertyInfo@2@IPEAU32@PEAUHINSTANCE__@@PEBG_N@Z
?GetFactoryLock@Element@DirectUI@@SAPEAU_RTL_CRITICAL_SECTION@@XZ
?OnInput@Element@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?OnEvent@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?GetContentString@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?Click@Button@DirectUI@@SA?AVUID@@XZ
StrToID
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
??1Element@DirectUI@@UEAA@XZ
??0Element@DirectUI@@QEAA@XZ
?Initialize@Element@DirectUI@@QEAAJIPEAV12@PEAK@Z
?GetContentStringAsDisplayed@Edit@DirectUI@@UEAAPEBGPEAPEAVValue@2@@Z
?OnGroupChanged@Element@DirectUI@@UEAAXH_N@Z
gdi32
DeleteObject
CreateDIBSection
DeleteDC
CreateCompatibleDC
GetObjectW
SelectObject
GdiAlphaBlend
StretchDIBits
user32
SendMessageW
GetSystemMetrics
DestroyIcon
GetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
DefWindowProcW
CreateWindowExW
PostMessageW
SetWindowLongW
CopyImage
CopyRect
ReleaseDC
GetDC
PostQuitMessage
SetCursor
LoadCursorW
TranslateMessage
EnumWindows
GetWindowBand
MsgWaitForMultipleObjectsEx
PeekMessageW
GetMonitorInfoW
DispatchMessageW
MonitorFromWindow
IsWindowVisible
GetWindowThreadProcessId
GetFocus
DestroyWindow
combase
ord65
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ